What's the mean of PIN cache in smart card csp
- From: Skybird Le <skybird.le@xxxxxxxxx>
- Date: Tue, 11 Dec 2007 17:47:31 +0800
Hi, every one
In "The Smart Card Cryptographic Service Provider Cookbook"
whose URL is http://msdn2.microsoft.com/en-us/library/ms953432.aspx,
there is a "PIN caching" Design Considerations. I read it one time and
again and again, but still can not get its mean. How can I add the PIN
to the cache with the logon ID for the security context of the current
thread?
I notice it is very important, because the "Microsoft Base Smart Card Crypto Provider"
can behave correctly with "checkpoint SecureClient NGX R60 HFA2" in
vista, but my csp can not work perfectly. Checkpoint SecureClient's
SR_Service.exe is a service, it call csp at first and then create a
child process SR_CAPI.exe with normal user's identity. The SR_CAPI.exe
calls csp to generate rsa key pair and sigh hash, during this progress
the csp will require smart card PIN with prompting PIN dialog, so
SR_CAPI.exe process's csp state is smart card pin provided and the pin
is cached in process. Now the SR_Service.exe will call csp to sign hash
using the generated rsa key bu SR_CAPI.exe, the "Microsoft Base Smart Card Crypto Provider" does not
prompt PIN dialog as this process's csp state is pin provided and cached,
but my csp will prompt to require smart card PIN.
According to smart card csp cookbook, the pin cache is
per-process, so the pin cache should not shared by two process, but why
"Microsoft Base Smart Card Crypto Provider" can share the pin cache in
two different process?
I expect your help!
Skybird Le
.
- Follow-Ups:
- Re: What's the mean of PIN cache in smart card csp
- From: Skybird Le
- Re: What's the mean of PIN cache in smart card csp
- Prev by Date: Re: Message signing fails when used in a driver
- Next by Date: Re: What's the mean of PIN cache in smart card csp
- Previous by thread: File xfer security
- Next by thread: Re: What's the mean of PIN cache in smart card csp
- Index(es):
Relevant Pages
|
